Accelerated Elliptic Curve J-PAKECryptography Hardware Acceleration Plugins

Detailed Description

Accelerated Elliptic Curve J-PAKE using the SE peripheral.

Data Structures

struct  mbedtls_ecjpake_context
 

Enumerations

enum  mbedtls_ecjpake_role { MBEDTLS_ECJPAKE_CLIENT = 0, MBEDTLS_ECJPAKE_SERVER }
 

Functions

void mbedtls_ecjpake_init (mbedtls_ecjpake_context *ctx)
 Initialize a context (just makes it ready for setup() or free()).
 
int mbedtls_ecjpake_setup (mbedtls_ecjpake_context *ctx, mbedtls_ecjpake_role role, mbedtls_md_type_t hash, mbedtls_ecp_group_id curve, const unsigned char *secret, size_t len)
 Set up a context for use.
 
int mbedtls_ecjpake_check (const mbedtls_ecjpake_context *ctx)
 Check if a context is ready for use.
 
int mbedtls_ecjpake_write_round_one (mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Generate and write the first round message (TLS: contents of the Client/ServerHello extension, excluding extension type and length bytes)
 
int mbedtls_ecjpake_read_round_one (mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
 Read and process the first round message (TLS: contents of the Client/ServerHello extension, excluding extension type and length bytes)
 
int mbedtls_ecjpake_write_round_two (mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Generate and write the second round message (TLS: contents of the Client/ServerKeyExchange)
 
int mbedtls_ecjpake_read_round_two (mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
 Read and process the second round message (TLS: contents of the Client/ServerKeyExchange)
 
int mbedtls_ecjpake_derive_secret (mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Derive the shared secret (TLS: Pre-Master Secret)
 
void mbedtls_ecjpake_free (mbedtls_ecjpake_context *ctx)
 Free a context's content.
 

Enumeration Type Documentation

Roles in the EC J-PAKE exchange

Enumerator
MBEDTLS_ECJPAKE_CLIENT 

Client

MBEDTLS_ECJPAKE_SERVER 

Server

Definition at line 43 of file ecjpake_alt.h.

Function Documentation

int mbedtls_ecjpake_check ( const mbedtls_ecjpake_context ctx)

Check if a context is ready for use.

Parameters
ctxContext to check
Returns
0 if the context is ready for use, MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise
int mbedtls_ecjpake_derive_secret ( mbedtls_ecjpake_context ctx,
unsigned char *  buf,
size_t  len,
size_t *  olen,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Derive the shared secret (TLS: Pre-Master Secret)

Parameters
ctxContext to use
bufBuffer to write the contents to
lenBuffer size
olenWill be updated with the number of bytes written
f_rngRNG function
p_rngRNG parameter
Returns
0 if successfull, a negative error code otherwise
void mbedtls_ecjpake_free ( mbedtls_ecjpake_context ctx)

Free a context's content.

Parameters
ctxcontext to free
void mbedtls_ecjpake_init ( mbedtls_ecjpake_context ctx)

Initialize a context (just makes it ready for setup() or free()).

Parameters
ctxcontext to initialize
int mbedtls_ecjpake_read_round_one ( mbedtls_ecjpake_context ctx,
const unsigned char *  buf,
size_t  len 
)

Read and process the first round message (TLS: contents of the Client/ServerHello extension, excluding extension type and length bytes)

Parameters
ctxContext to use
bufPointer to extension contents
lenExtension length
Returns
0 if successfull, a negative error code otherwise
int mbedtls_ecjpake_read_round_two ( mbedtls_ecjpake_context ctx,
const unsigned char *  buf,
size_t  len 
)

Read and process the second round message (TLS: contents of the Client/ServerKeyExchange)

Parameters
ctxContext to use
bufPointer to the message
lenMessage length
Returns
0 if successfull, a negative error code otherwise
int mbedtls_ecjpake_setup ( mbedtls_ecjpake_context ctx,
mbedtls_ecjpake_role  role,
mbedtls_md_type_t  hash,
mbedtls_ecp_group_id  curve,
const unsigned char *  secret,
size_t  len 
)

Set up a context for use.

Note
Currently the only values for hash/curve allowed by the standard are MBEDTLS_MD_SHA256/MBEDTLS_ECP_DP_SECP256R1.
Parameters
ctxcontext to set up
roleOur role: client or server
hashhash function to use (MBEDTLS_MD_XXX)
curveelliptic curve identifier (MBEDTLS_ECP_DP_XXX)
secretpre-shared secret (passphrase)
lenlength of the shared secret
Returns
0 if successfull, a negative error code otherwise
int mbedtls_ecjpake_write_round_one ( mbedtls_ecjpake_context ctx,
unsigned char *  buf,
size_t  len,
size_t *  olen,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Generate and write the first round message (TLS: contents of the Client/ServerHello extension, excluding extension type and length bytes)

Parameters
ctxContext to use
bufBuffer to write the contents to
lenBuffer size
olenWill be updated with the number of bytes written
f_rngRNG function
p_rngRNG parameter
Returns
0 if successfull, a negative error code otherwise
int mbedtls_ecjpake_write_round_two ( mbedtls_ecjpake_context ctx,
unsigned char *  buf,
size_t  len,
size_t *  olen,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Generate and write the second round message (TLS: contents of the Client/ServerKeyExchange)

Parameters
ctxContext to use
bufBuffer to write the contents to
lenBuffer size
olenWill be updated with the number of bytes written
f_rngRNG function
p_rngRNG parameter
Returns
0 if successfull, a negative error code otherwise